LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-20-2010, 01:31 AM   #1
salimshahzad
Member
 
Registered: Dec 2009
Posts: 200

Rep: Reputation: 15
how to create user similar to root privileges


dear gurus

i do need to create 1 user who has similar to root privileges but the username will not be root. say create user john

advise please suggest how best we can achieve this.

kind regard
salim
 
Old 02-20-2010, 02:07 AM   #2
mattseanbachman
Member
 
Registered: Feb 2010
Posts: 40

Rep: Reputation: 15
Quote:
Originally Posted by salimshahzad View Post
dear gurus

i do need to create 1 user who has similar to root privileges but the username will not be root. say create user john

advise please suggest how best we can achieve this.

kind regard
salim
Please make a backup of /etc/passwd before trying this, because I'm not an expert, but if you change a user's UID and GID to 0 then they will have the permissions of root.

So, you go into /etc/passwd and change the numbers by the user you want to become 'root-like' to 0's. Look at this for instance:

root:x:0:0:root:/root:/bin/bash
newroot:x:123:123:newroot

See, in the above I'd change those numbers to zeros to make the user be the new root.


Hope this helps, remember to BACKUP your passwd file so nothing gets screwed up on account of my advice.

=mattseanbachman
 
Old 02-20-2010, 02:17 AM   #3
deostroll
Member
 
Registered: Aug 2007
Location: Bangalore
Distribution: fedora
Posts: 112

Rep: Reputation: 15
@mattseanbachman there is no /etc/passwd. I use centos 5.
 
Old 02-20-2010, 02:27 AM   #4
mattseanbachman
Member
 
Registered: Feb 2010
Posts: 40

Rep: Reputation: 15
Quote:
Originally Posted by deostroll View Post
@mattseanbachman there is no /etc/passwd. I use centos 5.
Maybe try doing this, login as root and do:

find / -name passwd

Or if centos is like my system:

sudo find / -name passwd


One of the results should be the password file, assuming that the file is of the same name (god, I should hope it would be).

Sorry I can't be of more help with Centos, I've never used that at all, I know nothing about it whatsoever. Hopefully someone else might be able to help if they have more experience (i.e. any whatsoever) than I have.

 
Old 02-20-2010, 02:34 AM   #5
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Quote:
Originally Posted by deostroll View Post
@mattseanbachman there is no /etc/passwd. I use centos 5.
I am using CentOS5.4 and it has the file. Try cat /etc/passwd. Keep the caps and spellings.
 
Old 02-20-2010, 02:36 AM   #6
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
@OP:

What do you mean root like? If you want some user to be able to do the administrative tasks then put the user in the root group and make sure the primary group for the user is root. You can also use sudo for the same.
 
Old 02-20-2010, 02:39 AM   #7
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,576
Blog Entries: 31

Rep: Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195
AFAIK mattseanbachman's suggestion will work but these are not two "userid"s; they are a single userid (that is: 0) with two "username"s. Files created by newroot will be shown as belonging to root because they are actually owned by used ID 0 and the utilities mapping userid to username use the first occurrence of userid 0 in /etc/passwd to find the username.

Creating another user with userid 0 and groupid 0 may not be the best way to do whatever it is you want to do ... ?
 
Old 02-20-2010, 03:06 AM   #8
salimshahzad
Member
 
Registered: Dec 2009
Posts: 200

Original Poster
Rep: Reputation: 15
dear gurus

as beginnner what do you suggest best practice to adopt.

appreciate your all quick response, what is the best practice i should adopt.

say i want to create user JOHN who want to use privilege of root. what steps or step by step i should take so that user JOHN can work as administrator at any time. sudo work if u login as root first, then sudo comes.

kind regards
 
Old 02-20-2010, 03:11 AM   #9
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
I guess you are still not clear about sudo. You do not need root password for sudo. Just the user password. And when administrative task has to be performed, it can be done by sudo privileges.
Like fdisk command you will run like:

sudo fdisk -l. User will be prompted for password. It is not root password but the user's password that need to be given.
As catkin said, do not change the passwd file. Use group permissions. That is what groups are for.
 
Old 02-20-2010, 04:11 AM   #10
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,576
Blog Entries: 31

Rep: Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195
Quote:
Originally Posted by salimshahzad View Post
say i want to create user JOHN who want to use privilege of root. what steps or step by step i should take so that user JOHN can work as administrator at any time.
The standard ways are:
  • for ordinary users to use sudo or su to assume root priviliges (this is equivalent to Windows' "Run as"
  • to set up a terminal shortcut that starts a terminal as root (this actually uses su; you will be prompted for root's password)
While it is a great convenience in the Windows world to routinely use a logon with administrative privileges, it is also very insecure; choosing not to do so is probably the single greatest step in improving Windows security. Having to use "Run as", or logging on as a different user is a small price to pay for avoiding the dangers.

Similarly, in the Linux world, having to use sudo or su is a small price to pay for the greater security of only using root privileges when necessary
 
Old 02-20-2010, 05:16 AM   #11
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,038

Rep: Reputation: 97
The other advantage of using sudo is that you can be more granular about the amount of power you grant to your new user.

This is helpful if you have a team of users who require enhanced permissions to a handful of commands.

control over sudo permissions is stored in /etc/sudoers although this should be edited by the visudo command.

If you are not a fan of vi you can change the default text editor by setting the environment variable EDITOR
Code:
export EDITOR=kate
visudo
For more information about the sudoers file
Code:
man sudoers
 
Old 02-21-2010, 07:41 PM   #12
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,260

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
As previous poster: if you only need a few cmds to be run as root, use sudo as described.
For a full access to root, you can tell john the root passwd, but have them login as john, then

su -

and give root passwd.

You can also add a user to the root's group, but this may cause ownership issues for file creation.

It's definitely not a good idea to stay logged in as root any longer than absolutely needed.

BTW, the passwd file is /etc/passwd on all Linux & Unix & *BSD systems.
However it is case sensitive and most modern systems store the actual passwd values elsewhere, usually /etc/shadow unless using eg NIS, LDAP etc.

Last edited by chrism01; 02-21-2010 at 07:44 PM.
 
Old 02-21-2010, 08:16 PM   #13
Quakeboy02
Senior Member
 
Registered: Nov 2006
Distribution: Debian Squeeze 2.6.32.9 SMP AMD64
Posts: 3,277

Rep: Reputation: 126Reputation: 126
If you give your user root privileges, then there will be no usable log as to what he does and he can do anything. OTOH, if you use sudo to assign specific privileges, then he will be limited to just those actions and what he does will be logged as his userid.
 
Old 02-21-2010, 08:29 PM   #14
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , RHEL
Posts: 1,971
Blog Entries: 1

Rep: Reputation: 208Reputation: 208Reputation: 208
Quote:
Originally Posted by salimshahzad View Post
dear gurus

i do need to create 1 user who has similar to root privileges but the username will not be root. say create user john

advise please suggest how best we can achieve this.

kind regard
salim
First off...YES there *IS* a /etc/passwd file in CentOS 5

if you want user "john" to have similar root priv then use sudo

visudo

Code:
john ALL=(ALL) ALL
-C

Last edited by custangro; 02-21-2010 at 08:35 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What is the command to create a new user with certain privileges? bleevu Linux - Security 3 06-27-2008 06:16 AM
Create a normal “user” with “shut down” privileges? John79 Linux - Newbie 2 02-18-2008 04:43 AM
Create new account with root privileges? prasannasellam Linux - Newbie 2 01-21-2008 02:34 AM
Create Profiles with Root Privileges dumbsheep Linux - Newbie 7 01-11-2005 02:46 PM
How can I create a user with the same privileges as the root ? Menestrel Linux - Newbie 3 11-19-2003 10:38 PM


All times are GMT -5. The time now is 10:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration